Re: MS security Update Virus
From: shibu (shibu_baby_at_yahoo.com)
Date: 09/22/03
- Next message: Bill Sanderson: "Re: Memory access violation in module kernal32"
- Previous message: Kent W. England [MVP]: "Re: How to configure TCP/IP Filtering to connecting JetDirect?"
- In reply to: Richard Mueller: "MS security Update Virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 21 Sep 2003 21:06:37 -0700
Hi Richard
Thanks for your response.
I don't no why this yahoo people is not updating there server with
this virus info.
I have one more doubt. I am using yahoo mail and not using any other
POP or mail client tools. Checking my mails from www.mail.yahoo.com.
Is there any rule I can set in yahoo, so that my Junk mails will be
automatically get deleted from yahoo server immediately. Is there any
third party software available...
Please give your idea.
Thanks
Shibu
"Richard Mueller" <rlmueller@ameritech.net> wrote in message news:<015501c37fac$28f73d20$a401280a@phx.gbl>...
> Hi,
>
> Good questions. I just spent considerable time cleaning
> out my mailbox on a yahoo server. The crazy part is that
> the messages are blocked because they look like spam, not
> because they infected. Many more infected messages get
> through. The ones blocked are kept in a "bulk" folder for
> you to review, again, because they might be spam, not
> because they are infected. I configured my yahoo account
> to no longer block spam, but allow everything to be
> downloaded, then immediately deleted from the yahoo
> server. This way, my virus software and firewall can deal
> with it. Of course, I never even look at any email until I
> have disconnected from the Internet, and I never click on
> attachment. If in doubt, I save to disk and scan.
>
> The only solution I know is to either review you email
> online through the Yahoo site, or turn of the spam blocker
> (as I did) so your mailbox on their server doesn't fill up
> without you even knowing. Of course, then you must deal
> with the mail in your email program.
>
> The virus is W32.Swen.
> Microsoft info:
> http://www.microsoft.com/technet/treeview/default.asp?
> url=/technet/security/virus/alerts/swen.asp
>
> Symantec Info:
> http://securityresponse.symantec.com/avcenter/venc/data/w32
> .swen.a@mm.html
>
> Two type of messages are infected:
>
> 1. Spoofed Microsoft update or patch messages with *.exe
> attachment.
> 2. Mail delivery failure notices. These don't appear to
> have an attachment, but have html source code that
> attempts to download or run a script. They are infected.
>
> The latest Norton AntiVirus signature file does not
> recognize this virus. Download the beta signature file at
> this link, which does recognize it.
>
> ftp://ftp.symantec.com/public/english_us_canada/antivirus_d
> efinitions/norton_antivirus/beta/symcbetadefsi32.exe
>
> The same thing happened with the Sobig.F virus a few weeks
> ago. Most of the mail servers do not recognize the virus.
> They block because it looks like spam, or send you mail
> delivery failure messages because the addressee is unknown
> (not because it's infected). This amazes me.
>
> Richard
> Microsoft MVP Scripting and ADSI
> >-----Original Message-----
> >Hi All,
> >I am getting a virus from "xxxx&advisor.ms.com" which
> gives some
> >security upgrade for windows application. Due to this
> virus size, my
> >Yahoo free space is exceeding. What I can do, so that
> this mails will
> >be blocked by yahoo itself. Why yahoo team is not
> upgrading there mail
> >server with this virus details...
> >
> >Regards
> >Shibu
> >.
> >
- Next message: Bill Sanderson: "Re: Memory access violation in module kernal32"
- Previous message: Kent W. England [MVP]: "Re: How to configure TCP/IP Filtering to connecting JetDirect?"
- In reply to: Richard Mueller: "MS security Update Virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
